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DETAILED ACTION 
Specification 

1 . The title of the invention is not descriptive. A new title is required that is clearly 
indicative of the invention to which the claims are directed. 

The following title is suggested: "Data Transmission Control and Performance 
Monitoring Method of an IPSec link in Virtual Private Networks". 

Claim Rejections - 35 USC §112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 11, 14, and 18 are rejected under 35 U.S.C. 112, second paragraph, as 
being indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. Regarding claim 11 it is unclear as to which 
"network node" is being referred to on line 12. Regarding claim 14 it is unclear as to 
which "network node" is being referred to on line 34. Regarding claim 18 it is unclear as 
to which "network node" is being referred to on lines 21 and 30. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
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by another who has fulfilled the requirements of paragraphs (1 ), (2), and (4) of section 371 (c) of this 
title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000. 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AlPA 35 U.S.C. 102(e)). 

5. Claims 1-3, 6-8, 11-13, 14-16, 18, and 19 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Chiu et al (US 6,526,022) hereinafter Chiu. 

Regarding claims 1-3, 6, 7, 11, 12, 14-16, 18, and 19 Chiu discloses congestion 
and flow control system that includes a method, software (system must inherently 
have software to execute the required processes) and a network node ("sender" is 
a source node in the network; figure 1, element 102) for communicating with the 
IPSec protocol (column 35, lines 30-36 discloses the use oflPSec technology as a 
way to perform sender authentication) with a second network node 
("member/receiver" is a destination node in the network; element 110-11) via a 
communication link (see figure 1), the network node comprising at least 

means for transmission of an acknowledgement packet if at least one of a first 
condition and a second condition is fulfilled, 

first condition being the reception of at least a predetermined number of IPSec 
packets after transmission of the previous acknowledgement packet (column 16, lines 
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63-67 discloses that receivers send acknowledgements, ACK, after every 32 
packets), and 

second condition being the reception of a packet via the communication link after 
a predetermined time has passed after transmission of the previous acknowledgement 
packet (column 17, lines 7-15 discloses that an ACK is sent by the receiver after a 
interval of 1.5 times the estimated ACK interval expires, which is 48 packets), 

means for receiving acknowledgement packets for IPSec packets transmitted by 
the network node, 

means for obtaining a sequence number of an IPSec packet from a received 
acknowledgement packet, means for obtaining a value from the acknowledgement 
packet, said value corresponding to the amount of data received via the communication 
link by the second network node, and means for determining the packet success rate of 
the communication link at least partly on the basis of said value (column 17, lines 21- 
42 discloses that each ACK message sent from the receiver to the sender 
contains a sequence number and a bit map length. For example, if there are one 
or more missing packets, the start sequence number indicates the first missing 
packet. A bit map must follow. Each bit in the map represents a packet sequence 
number starting with the start sequence number. If the bit is set, then that packet 
is missing and must be retransmitted. When the repair head receives an ACK 
message with a missing packets bit map, the sequence number specified minus 1 
is saved for this member. This indicates that all packets prior to and including 
this sequence number have been received successfully. The repair head then 
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scans the bit map looking for missing packets. According to the explanation 
above the sender obtains from the ACK message every single received and 
missing packet. This corresponds to and is indicative of the amount of data 
received. Regarding the success rate, column 37, lines 35-55, and column 38, 
lines 1-7 discloses the sender can calculate the total size of the data that is being 
transferred. The sender obtains the success rate and throughput based on the 
count of missing packets as disclosed above and total packets sent). 

Regarding claims 8 and 13 with the features of parent claims 1 and 1 1 
addressed above Chiu discloses a method and network node further comprising at least 
the steps of a means for storing the sequence number and the transmission time of 
each IPSec packet transmitted by the network node via the communication link, and 
means for determining the round trip time of the communication link on the basis of the 
reception time of an acknowledgement packet and the stored transmission time of the 
corresponding transmitted packet (column 3, lines 51-54 discloses that in the 
transmitter a cache of already transmitted packets is maintained, including the 
sequence number of each. Column 12, lines 65-67 and column 13, lines 1-7 
discloses that at the sender, packets are scheduled for transmission according to 
a pre-determined rate. This is achieved by injecting the right amount of sleep 
time between packet departures so that the average data rate matches the 
predetermined rate. After each packet transmission, the sender computes a time 
spent value, a packet size value and a rate. With this value the sender can also 
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calculate the round trip time when the acknowledgment packet from the receiver 
arrives). 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 4, 5, and 17 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Chiu in view of Jorgensen (US 6,680,922). 

Regarding claims 4, 5, and 17 with the features of parent claims 2 and 15 
addressed above Chiu discloses where the acknowledgement packet comprises a 
packet counter value indicating the number of packets received (column 17, lines 21- 
42 discloses that each ACK message sent from the receiver to the sender 
contains a sequence number and a bit map length. For example, if there are one 
or more missing packets, the start sequence number indicates the first missing 
packet A bit map must follow. This indicates that all packets prior to and 
including this sequence number have been received successfully. The repair 
head then scans the bit map looking for missing packets. According to the 
explanation above the sender obtains from the ACK message every single 
received and missing packet. This corresponds to and is indicative of the amount 
of data received). 
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Chiu, however, fails to expressly disclose where the acknowledgement packet 
comprises a byte counter value indicating the number of bytes received via the 
communication link. 

Jorgensen discloses a VPN over a wireless PTMP transmission system utilizing 
IPSec as the method of security encryption (see column 46, lines 6-8) that at the 
sending end, the insertion of a byte count header on information that is delivered to the 
IP protocol layer and is encapsulated as part of the packet. The receiving end, when it 
gets packets is responsible for re-sequencing the packets and ensuring its accuracy. If 
all of the IP flow is not received correctly, the byte count.acknowledgment message can 
be sent back to the sending end, prompting the sending end to resend the bytes 
necessary to fill in the remaining portions of the packet flow. Additional packets are 
buffered until after resending the packet (see column 31, lines 50-61). 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Chiu's apparatus in include in the acknowledgment 
messages a byte counter, as taught by Jorgensen. The motivation is an improvement in 
the accuracy and reliability of the system. Instead on accuracy to the packet level, the 
system will be accurate to the byte level, as explained by Jorgensen on column 31, line 
55. 

8. Claims 9 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Chiu in view of Tarn (US 6,622,172). 
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Regarding claims 9 and 10 Chiu discloses a method for monitoring of a plurality 
of communication links between a source network site and a destination network site, 
each of the sites having at least one network node, in which method an active 
communication link is monitored, said method comprising at least the following steps for 
monitoring an active communication link between the source network site and the 
destination network site, the active communication link employing the IPSec protocol 
the step of transmission of an acknowledgement packet by the destination network 
node if at least one of a first condition and a second condition is fulfilled, said first 
condition being the reception of at least a predetermined number of IPSec packets after 
transmission of the previous acknowledgement packet (column 16, lines 63-67 
discloses that receivers send acknowledgements, ACK, after every 32 packets), 
and said second condition being the reception of a packet via the communication link 
after a predetermined time has passed after transmission of the previous 
acknowledgement packet (column 17, lines 7-15 discloses that an ACK is sent by 
the receiver after a interval of 1.5 times the estimated ACK interval expires, which 
is 48 packets). Chiu also discloses determining the packet success rate of the 
communication link from the number of said received response packets (column 17, 
lines 21-42 discloses the repair head then scans the bit map looking for missing 
packets. The sender obtains from the ACK message every single received and 
missing packet. This corresponds to and is indicative of the amount of data 
received. Regarding the success rate, column 37, lines 35-55, and column 38, 
lines 1-7 discloses the sender can calculate the total size of the data that is being 
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transferred. The sender obtains the success rate based on the count of missing 
packets as disclosed above and total packets sent) Chiu also discloses a means for 
storing the sequence number and the transmission time of each IPSec packet 
transmitted by the network node via the communication link, and means for determining 
the round trip time of the communication link on the basis of the reception time of an 
acknowledgement packet and the stored transmission time of the corresponding 
transmitted packet (column 3, lines 51-54 discloses that in the transmitter a cache 
of already transmitted packets is maintained, including the sequence number of 
each. Column 12, lines 65-67 and column 13, lines 1-7 discloses that at the 
sender, packets are scheduled for transmission according to a pre-determined 
rate. This is achieved by injecting the right amount of sleep time between packet 
departures so that the average data rate matches the predetermined rate. After 
each packet transmission, the sender computes a time spent value, a packet size 
value and a rate. With this value the sender can also calculate the round trip time 
when the acknowledgment packet from the receiver arrives) 

Chiu, however, fails to expressly disclose where an inactive communication link 
is monitored, the method comprising at least the following steps for monitoring an 
inactive communication link between the source network site and the destination 
network site: 

transmitting a probe packet from a source node at the source network site via 
said inactive communication link to a destination node at the destination network site, 
storing the transmission time of said probe packet in a memory means, 
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transmitting a response packet from said destination node to said source node as 
a response to receiving a probe packet, 

determining the round trip time of said inactive communication link from the 
difference of the reception time of the response packet and the stored transmission time 
of the corresponding probe packet. 

Tarn discloses a packet transmission system utilizing TCP/IP that uses a probe 
packet to measure the round trip time of a communication link that is inactive at the time 
(column 11, lines 45-60 discloses on figure 2 that a Round Trip Time Estimation 
module 12 uses a probe packet (PROBE) transmission and return paths 22, 24 
shown in isolation from the DAT arrival path 26 and the ACK transmission path 
28. In practice, the paths share the same input/output (hereinafter known as I/O) 
resources in the TCP communication protocol 10. That is, the ACK transmission 
path 28 shares the same I/O resource as the PROBE transmission path 22 and the 
DAT arrival path 26 shares the same I/O resource as the PROBE return path 24. 
Hence, to each of the other communication protocols that interact with the TCP 
communication protocol 10, there is only one transmission I/O resource and only 
one arrival/return I/O resource). 

It would have been obvious to one having ordinary skill in the art at the time the 
invention was made to modify Chiu's apparatus in include the use of a probe packet to 
monitor roundtrip times and packet success rates of inactive communication links, to 
complement the already disclosed method of monitoring active communication links, as 
taught by Tarn. The motivation is an improvement in the accuracy and reliability of the 
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system. Instead on not knowing the basic parameters of an inactive communication link, 
the use of a probe packet can help in reducing packet errors and timing issues for links 
in a TCP/IP system, as explained by Tarn on column 1 1 , lines 45-50. 

Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

The following patent is cited to show the state of the art with respect to flow 
control and data monitoring 

US Patent (6,674,713) to Berg et al 
US Patent (6,446,200) to Ball et al 
IEEE article to Tuquerres et al 

1 0. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Alan Nguyen whose telephone number is 703-305-0369. 
The examiner can normally be reached on 9am-6pm ET 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ricky Ngo can be reached on 703-305-4798. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9314. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

AVN 

March 4, 2004 




PRIMARY EXAMINER 



